Due Diligence Checklists › SaaS › Growth / Pre-IPO

SaaS Startup Investment Checklist: Growth / Pre-IPO Stage (2026)

This checklist covers 28 due diligence items for SaaS startups at the Growth / Pre-IPO stage. Each item has been validated against institutional investor practice. DDR automates the majority of these checks from a single pitch deck PDF upload.

28 checklist items · 7 red flags automatically detected · See a sample DDR report

Growth / Pre-IPO Requirements

✓ $10M+ ARR with clear path to $100M+

✓ Profitability or credible path to profitability within 24 months

✓ Category leadership: top 1–2 in defined market

✓ CFO and board ready for public market scrutiny

✓ Revenue quality: multi-year contracts, low churn, high NRR

✓ Institutional governance: audit committee, independent board majority

SaaS Sector

✓ MRR and ARR verified with bank statements or Stripe export

✓ Monthly cohort retention curves reviewed for all customer vintages

✓ Customer concentration: top 5 customers < 30% of ARR

✓ NRR above 100% with underlying data verified

✓ All customer contracts reviewed for cancellation, auto-renewal, and pricing terms

✓ Competitive landscape documented with 5+ competitors profiled

✓ CAC payback period calculated from blended S&M spend

✓ Security posture: SOC 2 status, last pen test, data breach history

✓ Founder technical and go-to-market backgrounds verified

✓ Cap table reviewed: no major founder vesting cliffs approaching

Deep Dive

✓ Request full cohort analysis by signup month — retention curves tell the real PMF story

✓ Review every customer contract for cancellation clauses, auto-renewal terms, and pricing escalators

✓ Verify ARR vs. GAAP revenue distinction — multiyear contracts can inflate ARR

✓ Map all integrations and API dependencies — platform risk if built on one ecosystem

✓ Check competitor pricing pages and G2/Capterra reviews for positioning intelligence

✓ Review security posture: SOC 2, penetration testing, data residency for enterprise targets

Regulatory

✓ Verify: GDPR and CCPA: data residency requirements can add infrastructure cost for EU expansion

✓ Verify: HIPAA: any healthcare customer requires BAA agreements and strict data controls

✓ Verify: SOC 2 Type II: now table stakes for mid-market and enterprise buyers

OSINT Signals

✓ Check: G2/Capterra review count and rating trend (negative reviews signal churn risk)

✓ Check: LinkedIn headcount growth vs. ARR growth (hiring velocity signals growth trajectory)

✓ Check: GitHub activity for B2D (developer-facing) products

DDR AUTOMATES THIS CHECKLIST

Upload a SaaS startup pitch deck and DDR automatically completes 20+ of these 28 checklist items — sourcing data from 13 OSINT signals, benchmarking against 4 comparable companies, and detecting all 7 critical red flags.

GET YOUR FREE SCAN →

SaaS Due Diligence — All Guides

Due Diligence Guides by Sector

Fintech AI & ML EdTech HealthTech CleanTech Marketplace E-Commerce Cybersecurity